Understanding IPv6: The Journey Begins

Why is IPv6 so difficult to understand? Denise Fishburne explains how she began unraveling this complex topic.

IPv6 and I met back in the early 2000s. I really didn't see the big deal or know what all the RFCs were about. This stuff was easy. Of course, at the time, my thoughts were barely even scratching at the surface, and I still believed IPv6 was just IPv4 with 128 bits. I was in what I now refer to as the "Checklist IPv6" phase.

"Checklist IPv6" was actually a great place for me to start. I had to remember only a few things while I was configuring the routers. Then I could kick back and let the magic of routing protocols work. Voila, IPv6 addresses would show up in the routing table of some other router in the lab. Ping to confirm, and I was done.

IPv6 "I know nothing" phase
The quote "The more you know, the more you realize how much you don't know. The less you know, the more you think you know," is attributed to David T. Freeman. I discovered the truth of this as I began digging deeper. The trigger to this phase was when I realized that IPv6 was clearly not IPv4 with 128 bits. When did that happen? When I read that there was no broadcast in IPv6.

That started an avalanche of questions, including:

Why the heck did they get rid of broadcast?

If there is no broadcast, how does one resolve MAC addresses?

What is this weird link-local address thing?

What do you mean you can just randomly generate your own link-local address? And why not?

Solicited-node multicast? Really?

This SLAAC thing has two different flavors?

I was honestly struggling with the impossibility of memorizing all these varying attributes. It all culminated in one question that eventually formed in my mind. The question went something like "Seriously? Why couldn't we have just stayed with IPv4 and increased it to 128 bits?"

The reverse-engineering phase
We all have strengths and weaknesses. One of my weaknesses is the ability to memorize a list of facts. I'm much better if I can see a flow, an equation, or a reason in my mind. So I had to spend some time trying to reverse-engineer the "why" of IPv6.

It was the year 1993. BOOTP required much manual intervention, and there was concern that IPv4 addresses would run out. In October of that year, RFC 1531 was published, defining DHCP as an extension to BOOTP. A couple of months later, RFC 1550 solicited for white papers on "IP Next Generation" (IPng). RFC 1550 helped take me back in time to the issues that were at the forefront of people's minds and what the IPng protocol would need to address. I specifically liked one quote in section 5: "Any or all of these issues may be addressed, as well as any other topic that the author feels is germane."

That one sentence essentially gave me permission to imagine all the things people might have thought were "germane" to the next generation of IP. I came up with the following potential discussions that could have happened between 1993 and 1996, when RFC 1970 was produced, defining IPv6's Neighbor Discovery protocol.

Broadcast: Why broadcast to every device on the segment? Why bother every device on the segment to process a broadcast? Can't we do MAC resolution a different way?

IPng addressing on local links: Why use up precious IPng addresses supporting routing protocols on a local segment just for the purpose of routers talking to each other? They are just communicating on that local segment.

BOOTP manual intervention: Isn't there a better way for devices to get IPng addresses? Or to get the options and information they need? Or to find out who their default gateway should be?

Did all these questions actually come up? I have no clue. But thinking about them has helped me reverse engineer some potential "whys" of much that has confused me about IPv6.

Sharing my journey
As I mentioned earlier, I don't really learn well by just memorization. I have to see a flow, a reason, or an equation and then play with it. At first, in the darkness, there is really just darkness. Then there's an occasional "hmmmm." Then there's a flicker of a potential light of understanding that might -- just might -- be around the next bend. You're rewarded with an "a-ha" moment that lasts for only a moment, until that "a-ha" brings up still more questions.

But for right now, I'd like to share my fun in the lab and what I have learned with you in this series. Next time, we'll talk about and look at sniffer traces and debugs.

Denise "Fish" Fishburne, (CCIE #2639, CCDE #2009:0014, Cisco Champion) is a team lead with Cisco's Customer Proof of Concept Lab in Research Triangle Park, N.C. Fish loves playing in the lab, troubleshooting, learning, and passing it on. She has been regular speaker at ... View Full Bio

@AbeG: It depends whether it's a civil issue or a criminal issue. Criminal prosecutions -- even ones punishable by but a fine -- are still subject to the "beyond all reasonable doubt" burden of proof in the United States. In most civil cases, however, the plaintiff's burden of proof tends to be "by a preponderance of the evidence" (that is, a greater than 50% chance).

You are right on routing part, another is that some existing networking protocols, like WCCP, may be designed to operate in IPv4 only and even when both the routers and web caches are IPv6 capable, some traffic may not be redirected due to the WCCP limitation. These types of problems are much more difficult during migration towards IPv6.

"In any case, the best way to track someone's behavior is not by address anyway, because people change networks too often. Smartphones and tablets move back and forth between mobile networks and Wi-Fi networks throughout the day."

When it comes to private WiFi networks that we use regularly, I think it's common to get assigned the same IP as before. Having multiple IP address seems like it would create routing problems.

Has anyone ever had their laptop connected via ethernet and wifi at the same time? I have. I've also experimented with using one connection for incoming traffic and the other for outgoing traffic. Both configurations have their share of issues.

@Joe. I've always assumed that for crimes where there is a financial penalty like media piracy, the law simply holds the account owner responsible when it comes to residential internet. Perhaps similar to how a vehicle owner might be held responsible for whatever is found in the vehicle.

I think that when it comes to more serious penalties, the burden of proof is very high. It seems that someone would have to show which MAC address was transmitting the data packets, which I don't think the ISP would know unless they own the router that you use. Then there's the issue of MAC address spoofing and the reality that malware can route malicious traffic through your PC.

@AbeG: Conversely, with the necessary IP-sharing that must come without quick-enough IPv6 deployment, an innocent may get accused of a computer crime perpetrated by a do-badder with a device sharing the same IP.

:) I think we are looking at a post every 2 weeks for this. I already have all the "raw" material - the sniffer traces, debugs, configs, what order to show, etc. Now to piece each one together. 2nd one almost finished.

Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.